
Archive for July, 2020

Composer James Beckwith has been at work with the COVID-19 infection and mortality numbers. You could say that he lets the virus play a tune – and it’s not a pretty melody. Let this be a warning to all those who think that the epidemic is gone, or the virus weakened: the numbers are not getting better after June (even if that might seem to be the case in your little corner of the world)!

I hope James can provide one or more updated versions in the future.

Read Full Post »

Charlie Arehart is a well-known ColdFusion specialist. Two days ago, he wrote a blog post explaining why one should be careful about securing ColdFusion Archive (CAR) files. The Adobe ColdFusion team isn’t very explicit about the issue, telling us in small print that we should delete those files after using them – but does not explain why we should do so. So Charlie explains it in great detail – if you work with Adobe ColdFusion, you should check out his blog.

Now Charlie only mentions versions 2016 and 2018 of ColdFusion, and I know that there are still developers around that work with older versions – actually, I’m one of those: ColdFusion 11 is what I support (and occasionally develop for) since 2015. I have been using .car files for installing CF servers, and I had already been looking at what they contained. I had never seen the ‘seed’ and ‘algorithm’ strings Charlie writes about, but I could have overlooked them. So I went in again today, to verify things.

I can confirm that .car files created in CF11 do NOT contain those strings. But before you start celebrating, I must warn you that this probably means that the situation is even worse than for more recent versions. Because CF11 will write (encrypted) passwords into a .car file, and yes: those files can be used to reconfigure another server, passwords included! Which probably means that all CF11 runtimes use the same seed and algorithm, rendering CF11 .car files containing passwords even more insecure than later versions.

I did not know about all this until yesterday, but I seem to have circumvented the problem: I wrote an application to install datasource definitions on the servers rather than use CAR files. That offers multiple advantages: the code (and hence the definitions) is under version control, and can only be accessed by authorized users; we have different definitions for different environments; etc. And the .car files I do use have no passwords in them – whew!

But it’s clear that it pays to take this issue into account as a ColdFusion developer or administrator, whatever solution you choose (and Charlie has a few propositions).
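
A triage check for the advice above, as an added example (not code from the original post, from Charlie Arehart or from Adobe): it walks a directory for leftover .car files and reports which archive members mention a password, seed or algorithm. It assumes a .car file can be read as a zip container; the member names used in the sample are constructed.

```python
import io
import zipfile
from pathlib import Path

# Strings the post discusses: stored passwords, plus the 'seed' and
# 'algorithm' entries reported for ColdFusion 2016/2018 archives.
MARKERS = (b"password", b"seed", b"algorithm")
MAX_MEMBER = 5 * 1024 * 1024  # skip oversized members instead of inflating them


def audit_car(data):
    """Return {member_name: [markers found]} for one archive's raw bytes.

    Assumption: the archive is a zip container. Substring hits are a
    triage signal for manual review, not proof that a secret is present.
    """
    findings = {}
    try:
        with zipfile.ZipFile(io.BytesIO(data)) as zf:
            for info in zf.infolist():
                if info.is_dir() or info.file_size > MAX_MEMBER:
                    continue
                body = zf.read(info).lower()
                hits = [m.decode() for m in MARKERS if m in body]
                if hits:
                    findings[info.filename] = hits
    except zipfile.BadZipFile:
        findings["<not a zip container>"] = ["unreadable"]
    return findings


def scan_tree(root):
    """Audit every *.car file (any letter case) below root."""
    report = {}
    for path in Path(root).rglob("*"):
        if path.is_file() and path.suffix.lower() == ".car":
            report[str(path)] = audit_car(path.read_bytes())
    return report


def build_sample_car(members):
    """Build a constructed archive in memory so the check runs offline."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name, text in members.items():
            zf.writestr(name, text)
    return buf.getvalue()
```

Any archive that shows up in the report is a candidate for deletion or for moving into access-controlled storage.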

Read Full Post »

Strong words, but there’s more than a grain of truth in them: “Why Kubernetes is The New Application Server“. “Classic” application servers like those for Java are no longer sufficient by themselves to build a platform that can serve big internet-applications with a large, world-wide audience. And in the world of “containers” Kubernetes seems to be king, as far as I can tell.

Container ship at sea

(Photo by GPA Photo Archive – Original on Flickr)

In order for containerisation to work, applications must be properly “documented” – in fact, the bulk of the “configuration documentation” will somehow be part of what is needed to get those containers up and running. Around the time I read up on Kubernetes I stumbled onto something called “The Twelve-Factor App” – can’t remember who pointed me there. This methodology (it’s not an app!) describes a well-documented way to build, configure and run a cloud application – a laudable objective.

At work, we have tried to describe our applications in order to migrate them to another (Windows) domain with new (better) rules about access control, database access, etc. But things aren’t working out as they should. We do have documentation, although I’m not sure how useful it is outside of the context of passing relevant information from the developers to an external partner that will implement parts of the configuration. Additionally, we have described lots of “what“s, but almost no “why“s – which might be essential in the coming months and years as the applications continue to evolve…

Ideally, I would have loved to have a decent ‘methodology’ for documenting application essentials when we were building our applications. Trying to figure out what has to be done to get things up and running again on new servers has become something of a nightmare. That is even more so when the application you’re handling was developed by someone who’s no longer available for questioning!

The Twelve-Factor app may turn out to be very useful, although I suspect it is incomplete. I don’t think there is a single method for completely describing and documenting applications and systems that extend beyond the most simple cases. Any ‘methodology’ to build software is bound to need more or less tweaking to fit your (or your company’s) way of working. Getting to know methodologies other than the one you’re using is a good way of discovering what you need to get better!

Read Full Post »

There are many reasons to do away with cash money in modern society. One of those reasons has been reinforced in these Corona times: paper bills and metal coins can be a transmission vector for infectious diseases. The discussion about pros and cons is certainly not yet over, as evidenced on Wikipedia.

Let me add another reason not to throw out coins right away. Many older photo cameras will demand that you use a coin to open and close their battery compartment:

So yes, cash – even those small almost worthless coins – can be more than just money: they are a very useful tool ;-)

Read Full Post »

I have finally found some time to play with the Raspberry Pi. Nothing spectacular; I have great things in mind for it, but for the moment I would just like it to take over the “solar” duties of the Asus EeePc that is running permanently (and hence providing a small heat source in the winter, right on my desk).

One of the first things I tried is prepping the Pi to run all that old Python USB stuff the SMA Sunny Boy requires me to use. My habit of trying to document my experiences as much as possible paid off: I just had to follow the instructions I wrote down myself in 2017 on how to install an old pyusb package on Ubuntu – much to my surprise, they work flawlessly on the Raspbian 10 running on the Pi. Onwards to further testing!

Read Full Post »

It does not rain that often on July 1st here in Belgium, but it did in 2020 ;-)

Our solar electricity production numbers for June are not influenced by the latest rainy days, luckily: the panels generated just a bit more than the average of the past 10 months of June. In total, we have now surpassed the 22 MWh mark in ten and a half years.

Read Full Post »